🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Anyone can write complicated code. I wrote spaghetti way too complicated to understand, let alone debug, when I was starting out. What’s hard, truly hard, is writing simple code. It demands full concentration, skill, and the ability to say “no” (especially to yourself).

A big shout out to our fellow NSA employees far and near for National #EmployeeAppreciationDay! Your determination to stay a step ahead of all the rest makes the world a safer place. #GivingThanks

How many RTs for you to dress like me everyday, Dr. Crony?

If you've never written a backdoor in C, I recommend it. It's a different perspective on development compared to Go/Python/Such. You end up with a much better idea of how your code interacts with the OS and what's happening when.

The mark of a “real” APT is an actor that is able to make a choice as to where on the spectrum of sophistication they need to be in order to best guarantee mission success. This “adversary optionality” drives choices in implants, exploits, and infrastructure.

DLL Injection is a popular attack method. However, Linux library injection not so much. Jaime Blasco / @attcyber has released a detailed blog post on how to detect such attacks presented by TrustedSec / Kevin Haubris using osquery. alienvault.com/blogs/labs-res…

Check it out, latest blog post on selinux and auditd.

Get yourself a job / gig at some point in your career where you have no access to Google - sone facility with no phones or internet allowed or accessible for one reason or another. You will be stretched in ways you didn’t think possible and read man pages you’ve only skimmed.

Hey AT&T Help - *PLEASE* consider raising the 100GB data cap on rural workers using wireless LTE hotspots (no fixed wireless here). We could use a break right about now...

#TrustedSec is expanding its training with online, public offerings! Dave Kennedy shares how these instructor-led courses will help further educate our #InformationSecurity community and industry #TrainingTuesday hubs.ly/H0pg8Rl0

Cobalt Strike 4.1 allows code to be run in a more #OPSEC friendly manner. Senior Research Analyst Christopher Paschen outlines less obvious restrictions of Beacon Object Files and shares his #workflow to assist anyone tasked with writing in this format! hubs.ly/H0sBKQJ0

Now hiring: The first leader for the newly formed Cyber Incubator and Economic Development Center at Dakota State University. siouxfalls.business/new-dsu-cyber-…

Join Darkoperator | 🇺🇦 and Christopher Paschen for our next #webinar, "Using #Research to Gain Attack Intelligence," on Wednesday, November 4 at 1pm Eastern. Register now to get a glimpse into some of TrustedSec’s internal, proprietary tooling. hubs.la/H0yF--70

Join Senior Research Analyst Kevin Haubris in making memories in “COFFLoader: Building your own in-memory loader or how to run BOFs” by following his process breakdown ✨#blog hubs.la/H0G_m730

My colleague Gijs H posted an awesome blog on converting BOFs to shellcode, which enables you to use them with other/custom C2s. Shoutout to TrustedSec for the COFFLoader. medium.com/falconforce/bo… #FalconForce #RedTeam #Shellcode

The research team TrustedSec is happy to announce we're releasing some of our previously internal bof's. Most of it is using windows API's for primitives that can build up to larger actions. If that interests you see more here github.com/trustedsec/CS-…

Find out how building memory loaders can allow you to simulate BOFs for Linux and Mac using new Cobalt Strikes BOF internal functions in our newest #security #blog hubs.la/Q019vMpC0

🚨 Today we're excited to release Ghidrathon, a Ghidra extension that adds modern Python 3 scripting (including Python 3.10) to Ghidra! Blog 👉 mandiant.com/resources/blog… GitHub 👉 github.com/mandiant/Ghidr…

What started as a basic scanner project evolved into a comprehensive endeavor. In our latest post, Kevin Hubris reflects on XZ Utils backdoor news, exploring detection methods pre and post-upgrades. Read it now! hubs.la/Q02wlR460 #Security #Blog